bug#49261: Segfault during loadup

From: Paul Eggert
Subject: bug#49261: Segfault during loadup
Date: Sun, 11 Jul 2021 01:36:21 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0

On 7/7/21 5:09 PM, Lars Ingebrigtsen wrote:
> There seems to be a corruption in the hash tables somewhere.  It's
> totally reproducible with the recipe

Thanks for the recipe; it let me reproduce the problem on Fedora 34 x86-64.

The problem comes from the fact that mark_maybe_pointer works differently on pdumper objects than it works on ordinary objects. On ordinary objects, roots can point anywhere into an object (because this sort of thing has happened on real machines), whereas on pdumper objects, roots had to point to the start of the object.

I worked around this particular problem by changing mark_maybe_pointer so that pdumper roots can also be tagged (see first attached patch). However, I suspect this is not a complete fix, as it doesn't cover the case where a root points to some part of a pdumper object that is not at the object's start. I added a FIXME about this. Perhaps Daniel can take a look at it sometime. I think the remaining bug will be hit only rarely (if ever).

The second attached patch is in the same area, but is not part of the fix. It causes the GC to be a bit more accurate (i.e., less conservative) for roots, which can help avoid some leaks.

Attachment: 0001-Fix-pdumper-related-GC-bug.patch
Description: Text Data

Attachment: 0002-Make-pdumper-marking-pickier.patch
Description: Text Data
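
The root-lookup difference described in the message above, as an added example that is not part of the original message or its attached patches: a toy conservative root scan in C comparing three lookup policies (object start only, start or tagged start, anywhere inside the object). The 8-byte alignment, 3-bit tag mask, addresses and all names are assumptions constructed for illustration; this is not Emacs's code.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model, not Emacs source.  Assumption: objects are 8-byte aligned and
   a tagged reference carries a type tag in its low 3 bits. */
enum { TAG_MASK = 7 };
enum policy { START_ONLY, START_OR_TAGGED, ANYWHERE_INSIDE };
struct obj { uintptr_t start; size_t size; bool marked; };

/* Does the candidate root WORD refer to O under lookup POLICY? */
static bool refers_to (const struct obj *o, uintptr_t word, enum policy policy)
{
  if (policy == START_ONLY)
    return word == o->start;
  if (policy == START_OR_TAGGED)
    return (word & ~(uintptr_t) TAG_MASK) == o->start;
  return o->start <= word && word - o->start < o->size;
}

/* Conservatively scan ROOTS, mark what they reach, and return how many
   objects stay unmarked, i.e. would be reclaimed while still referenced. */
static size_t scan_roots (struct obj *heap, size_t n, const uintptr_t *roots,
                          size_t nroots, enum policy policy)
{
  size_t unmarked = 0;
  for (size_t i = 0; i < n; i++)
    {
      heap[i].marked = false;
      for (size_t r = 0; r < nroots && !heap[i].marked; r++)
        heap[i].marked = refers_to (&heap[i], roots[r], policy);
      unmarked += !heap[i].marked;
    }
  return unmarked;
}

/* Constructed data: three live objects, each held by exactly one root. */
static size_t demo_unmarked (enum policy policy)
{
  struct obj heap[] = { {0x1000, 32, false}, {0x2000, 32, false}, {0x3000, 32, false} };
  const uintptr_t roots[] = { 0x1000 /* start */, 0x2005 /* tagged */, 0x3010 /* interior */ };
  return scan_roots (heap, 3, roots, 3, policy);
}

int main (void)
{
  printf ("unmarked: start-only %zu, start-or-tagged %zu, anywhere %zu\n",
          demo_unmarked (START_ONLY), demo_unmarked (START_OR_TAGGED),
          demo_unmarked (ANYWHERE_INSIDE));
}
```

In this model the start-or-tagged policy still leaves the object held only by an interior root unmarked, which is the case the FIXME mentioned in the message refers to.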
